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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of Claims; 

L (Canceled) 

2. (Currently amended) The method of etam-4- claim 9. wherein the interrupting step comprises 
the step of discarding a later data packet from the originator. 

3. (Currently amended) The method of claim 1 claim 9. wherein the interrupting step comprises 
the step of sending a command to an the u pstream router to intercept future data packets from the 
originator. 

4. (Currently amended) The method of claim 1 claim 9. wherein the interrupting step comprises 
the step of forwarding an agent to an the u pstream router, the agent arranged to intercept future 
data packets from the originator. 

5. (Currently amended)The method of claim 4 claim 9, wherein the determining step comprises 
the step of checking for a potential presence of at least one of a worm, a virus, and a Trojan 



horse- 
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6. (Currently amended) The method of claim 1 claim 9. wherein the monitoring step comprises al 
least one of the steps of: 

random sampling of a subset of data packets; 
monitoring data packets having a predetermined source address; 
monitoring data packets having a predetermined destination address; and 
monitoring data packets having a predetermined combination of source and destination 
address. 

7. (Currently amended)The method of claim 1 claim 9. wherein the determining step comprises 
the steps of: 

determining that a first data packet is suspicious; and 

in response to determining that the first data packet is suspicious, deciding to monitor 
future data packets having at least one of a source address and a destination address matching, 
respectively, the source address and the destination address of the first data packet 

8. ( Currently amended) The method of claim 1 claim 9» wherein the interrupting step comprises 
the step of collaborating with 8» the u pstream router to cause the upstream router to update its 
capabilities to detect a potentially harmful data packet. 
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9. (Previously Presented) A method for providing node security in a router of a packet network, 
comprising the steps of: 

monitoring a data packet sent from an originator via the router and addressed to a 
destination device other than the router; 

determining in the router whether the data packet is potentially harmful to the destination 

device; 

interrupting transmission of the data packet in response to determining that the data 
packet is potentially harmful to the destination device, the interrupting further comprising the 
step of communicating with a second router to cause the second router to interrupt transmission 
of a future data packet; and 

transmitting the data packet in response to determining that the data packet is not 
potentially harmful to the destination device, wherein the interrupting step comprises the step of 
collaborating with an upstream router that is not a neighbor of the router to have the upstream 
router block transmissions from the originator. 

10. (Original) The method of claim of 9, wherein the interrupting step further comprises the step 
of identifying the upstream router by sending a command to the originator, the command 
requesting address information from participating routers. 
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1 1 . (Currently amended) A router for providing node security in a packet network, comprising: 

a plurality of I/O ports for accepting a data packet sent from an originator via the router 
and addressed to a destination device other than the router, and for transmitting the data packet to 
the destination device; and 

a processor coupled to the plurality of I/O ports for processing the data packet; 
wherein the processor is programmed to: 

monitor the data packet; 

determine whether the data packet is potentially harmful to the destination device; 

interrupt transmission of the data packet in response to detenmning that the data packet is 
potentially harmful to the destination device, including communicating with a second router to 
cause the second router to interrupt transmission of a future data packet; and 

transmit the data packet in response to determining that the data packet is not potentially 
harmful to the destination device, 

wherein the processor is further programmed to collaborate with an upstream router that 
is not a neighbor of the router to have the upstream router block transmissions from the 
originator . 

12. (Currently amended) The router of claim 11, wherein, in response to interrupting the data 
paeket determining that the data packet is potentially harmful to the desti nation device, the 
processor is further programmed to discard a later data packet from the originator. 
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13. (Currently amended) The router of claim 11, wherein, in response to interrupting tho data 
pflttto Hfttermintnp that the data packet is potentially harmf ul to the destination device, the 
processor is further programmed to send a command to an the upstream router to intercept future 
data packets from the originator. 

14. (Currently amended) The router of claim 1 1, wherein, in response to interrupting th e data 
packet determining that the data packet is potentially harmful to the destination device, the 
processor is further programmed to forward an agent to an the u pstream router, the agent 
arranged to intercept future data packets from the originator. 

15. (Original) The router of claim 1 1 > wherein the processor is further programmed to check for 
a potential presence of at least one of a worm, a virus, and a Trojan horse, 

16. (Original) The router of claim 1 1, wherein the processor is further programmed to at least 
one of: 

random sample a subset of data packets; 
monitor data packets having a predetermined source address; 
monitor data packets having a predetermined destination address; and 
monitor data packets having a predetermined combination of source and destination 
address. 
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17. (Original) The router of claim 1 1, wherein the processor is further programmed, 

in response to determining that a first data packet is suspicious, to decide to monitor future data 
packets having at least one of a source address and a destination address matching, respectively, 
the source address and the destination address of the first data packet. 

18. (Currently amended) The router of claim 1 1, wherein the processor is further programmed to 
collaborate with an the u pstream router to cause the upstream router to update its capabilities to 
detect a potentially harmful data packet. 



19. (Canceled) 



20. (Currently amended) The router of claim of 19 claim IK wherein the processor is further 
programmed to identify the upstream router by sending a command to the originator, the 
command requesting address information from participating routers. 
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21 . (Currently amended) A method for providin g node security in a ro uter of a packet network. 
comprising the steps of: 

monitoring a data packet sent from an originator via the router a nd addressed to a 

destination device other than the router: 

determining in the router whether the data packet is potentially har mful to the destination 

device; 

interrupting transmis sion of the data packet in response to determining that the data 

packet is potentially harmful to the destination device, the interrupting further comprising the 
step of communicat in g with a second router to cause the second router to interrupt transmission 
of a future data packet: and 

transmitting the data packet in response to detennin inp that t he data packet is not 

potentially harmful to the destination device T ho method of claim 1 

wherein the determining in the router whether the data packet is potentially harmful to the 
destination device further comprises determining in the router, without using information 
originated by the destination device, whether the data packet is potentially harmful to the 
destination device. 
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22. (Currently amended) A router for providing node security in a packet network, comprising: 

a plurality of I/O ports for accepting a data packet sent from an originator via the router 

and addressed to a destination device other than the router, and for transmitting the data packet to 
the destination device: and 

a processor coupled to the plurality of I/O ports for processing th e data packet: 

wherein the processor is progra mmed to: 
monitor the data packet: 

determine whether the data packet is potenti ally harmf ul to the destination device: 

interrupt transmission of the data packet in response to de termining that the data packet is 

potentially harmful to the destination device, including communicating with a second router to 

cause the second router to interrupt transmission of a future data packet: and 

transmit the data packet in response to detennining that the data packet is not potentially 

harmful to the destination device. 

The router of olnim -44- wherein the processor is further programmed to determine, 

without relying on information originated by the destination device, whether the data packet is 

potentially harmful to the destination device. 

************ 
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